3 easy steps to create aliases file (all the users of mail server)

Tags

aliases, BASH, BASH Script, postfix

Step 1: Get all the user name from /etc/passwd file

root@access /h/fakrul# awk -F’:’ ‘{ print $1 }’ /etc/passwd > userlist.txt

Step 2: Add , at end of each line

root@access /h/fakrul# sed -e ‘s/$/,/’ userlist > userlist2.txt

Step 3: Remove all the line break and replace them with space

root@access /h/fakrul# sed ‘:a;N;$!ba;s/n/ /g’ userlist2.txt > userlist3.txt

Now create the desire aliases file from this txt file.

Postfix as Email Gateway

Tags

Email Gateway, linux, postfix

For mail gateway installation of postfix is same as before. There are some few changes:

1. changes in main.cf.

# vi /etc/postfix/main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
myhostname = hostname.domain-name.com
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 127.0.0.0/8
relay_domains = hash:/etc/postfix/relay_domains
transport_maps = hash:/etc/postfix/transport
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.2.11-documentation/samples
readme_directory = /usr/share/doc/postfix-2.2.11-
documentation/README_FILES
maximal_queue_lifetime = 30d
message_size_limit = 30480000000
mailbox_size_limit = 50480000000
smtpd_banner = $myhostname ESMTP
maps_rbl_domains = bl.spamcop.net
smtpd_client_restrictions = hash:/etc/postfix/access,
reject_unauth_pipelining
smtpd_sender_restrictions = reject_unknown_sender_domain,
hash:/etc/postfix/access
smtpd_recipient_restrictions = hash:/etc/postfix/access,
reject_rbl_client bl.spamcop.net, reject_non_fqdn_recipient,
reject_non_fqdn_sender, reject_unknown_s
ender_domain, reject_unknown_recipient_domain, permit_mynetworks,
reject_unauth_destination, reject_multi_recipient_bounce
biff = no
smtpd_helo_required = yes
smtp_always_send_ehlo = yes
default_destination_concurrency_limit = 10
default_destination_recipient_limit = 20
default_process_limit = 150
disable_vrfy_command = yes
strict_rfc821_envelopes = yes
header_checks = regexp:/etc/postfix/header_checks

Permit the domain you want to relay:

# vi /etc/postfix/relay_domains
domain1.com OK
domain2.com OK
domain3.com OK

Forward the relayed mail to the original mail server.

# vi /etc/postfix/transport
domain1.com smtp:[192.168.169.20]
domain2.com smtp:[172.16.17.18]
domain3.com smtp:[192.168.169.170]

Postfix : Anti Spam & Anti Virus Solution

Tags

antismap, antivirus, Clamav, greylisting, mailqueue, mailscanner, postfix, postgrey

SPAM or Unsolicited Commercial Email (UCE) is always hated by everybody. It is nightmare for all the system administrator. There are lot of talking and solutions regarding SPAM. I have collect some of this useful inforamtion and implement. These work miracle in my case. I have write this tutorial (basically collect!) to help you out. In this tutorial we will use Postfix as MTA. We will integrate MailScanner and Clamav for Antivirus solution and SpamAssassin and GreyListing for Antispam solution.

1. Postfix

2. Mailscanner

2. Clamav

4. SpamAssassin

5. GreyListing

MailScanner:

Before installing MailScanner make sure that your postfix is working properly. Download the MailScanner from http://www.mailscanner.info/downloads.html. Untar the file. Rune ./configure to install the MailScanner.

In the Postfix configuration file /etc/postfix/main.cf add this line:

header_checks = regexp:/etc/postfix/header_checks

In the file /etc/postfix/header_checks add this line:

/^Received:/ HOLD

The effect of this is to tell Postfix to move all messages to the HOLD queue.

In your MailScanner.conf file (probably in /etc/MailScanner or /opt/MailScanner/etc), there are 5 settings you need to change. They are all really near the top of the file. The settings are

Run As User = postfix

Run As Group = postfix

Incoming Queue Dir = /var/spool/postfix/hold

Outgoing Queue Dir = /var/spool/postfix/incoming

MTA = postfix

You will need to ensure that the user “postfix” can write to /var/spool/MailScanner/incoming and /var/spool/MailScanner/quarantine:

chown postfix.postfix /var/spool/MailScanner/incoming

chown postfix.postfix /var/spool/MailScanner/quarantine

Now run MailScanner, /etc/init.d/MailScanner start

Do the following to start MailScanner at startup

chkconfig postfix off

chkconfig —level 2345 MailScanner on

Clamav:

Download the clamav from http://www.clamav.net/. Untar the file. Add group clamav and user clamav under that group. Install the clamav. We don’t have to change anything in clamav configuration file. Make the following changes to the /etc/MailScanner/MailScanner.conf file:

Virus Scanning = yes

Virus Scanners = clamav 

Spamassain:

Download the spamassain from www.spamassassin.org. We need some perl module.

perl -MCPAN -e shell

Whenever it asks about manual configuration, say no

cpan> o conf prerequisites_policy ask

cpan> install Time::HiRes

cpan> quit

tar xzf Mail-SpamAssassin-version-no.tar.gz

cd Mail-SpamAssassin-version-no

perl Makefile.PL

make

You may now get some errors about pod2text. If you do, then do this command

ln -s /usr/bin/pod2man /usr/bin/pod2text

make

make test

This will fail horribly due to lack of Pod/Usage.pm, so now do this (remember whenever it asks about manual configuration, say no)

perl -MCPAN -e shell

cpan> o conf prerequisites_policy ask

cpan> install Pod::Usage

cpan> quit

Now to try the tests again

make test

make install

You now have installed SpamAssassin. The next step is to configure it and MailScanner.

vi /etc/MailScanner/MailScanner.conf

Change the setting for “Required SpamAssassin Score” to more than 5 as that generates quite a few false alarms.

It’s advised to set “Log Spam = yes” to start with.

You will of course need “Use SpamAssassin = yes”.

You are almost done! Just restart the MailScanner again. Send some test mail and check the maillog that if you are receiving mail or not.

SpamAssassin mainly tagged the mail as spam or not. If you check the mail header you will get something like this:

X-Spam-Status: Yes

or

X-Spam-Status: No

If mail is tagged as spam than the spam status will be yes otherwise it will be no. Now we will send the spam tagged mail in user spam folder. For this we need procmail. Install procmail from www.procmail.org. Let say our user name is info and home folder in /home/info. Info user mail are stored in /home/info/mail folder. Create a file named “spam” in /home/info/mail folder.

touch /home/info/mail/spam

chown info:info /home/info/mail/spam

Now create the following file in /home/info/ folder:

.procmailrc

# My variables HOME=/home/info MAILDIR=$HOME/mail # neccessary variables PATH=/usr/local/bin:/usr/bin VERBOSE=no LOGABSTRACT=yes COMSAT=no LOGFILE=$HOME/procmail.log :0 * ^X-Spam-Status: Yes $HOME/mail/spam # spamassassin rule ends here

Here ^X-Spam-Status: Yes is the main part. If the mail is tagged as spam than the spam mail will be send to user spam folder.

create the following file in /home/info folder

.forward

”|/usr/bin/procmail -t #info”

From now the spam tagged mail for info user will go it’s spam folder.

GreyListing:

GreyListing is the comparatively new technique to fight against spam. This technique work in following ways:

“When a request for delivery of a mail is received by Postfix via SMTP, the triplet CLIENT_IP / SENDER / RECIPIENT is built. If it is the first time that this triplet is seen, or if the triplet was first seen, less than 5 minutes ago, then the mail gets rejected with a temporary error. Hopefully spammers or viruses will not try again later, as it is however required per RFC.” [http://isg.ee.ethz.ch/tools/postgrey/]

With postfix we use PostGrey. Download PostGrey from http://isg.ee.ethz.ch/tools/postgrey/

For PostGrey we need the following perl module:

Net::Server

IO::Multiplex

BerkeleyDB (Perl module)

Berkeley DB (Library, version = 4.1)

wget http://isg.ee.ethz.ch/tools/postgrey/pub/postgrey-1.27.tar.gz tar -zxvf postgrey-1.27.tar.gz cd postgrey-1.27 cp postgrey_whitelist_* /etc/postfix/ cp postgrey /usr/local/bin cp postgrey /usr/local/sbin groupadd nogroup adduser postgrey mkdir /var/spool/postfix/postgrey/ chown postgrey:nogroup /var/spool/postfix/postgrey/

And make the following change to the postfix main.cf file:

main.cf

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10023

Run the following command:

/usr/local/sbin/postgrey —inet=10023 -d —delay=50 —greylist-text=”Policy restrictions; try later”

If everything is ok, postgrey will start. If anything does wrong you will get the output in /var/log/maillog.

Check netstat –nat for the port 10023. Try to send some test mail.

To start the postgrey at startup add the following lines in /etc/rc.local file:

# Start Postgrey

echo -n ‘Postgrey’;  /usr/local/sbin/postgrey —inet=10023 -d —delay=50 —greylist-text=”Policy restrictions; try later”

 # To /etc/rc.local before the start postfix line.

That’s all you need. Happy spam free mail.

Postfix : Standalone Mail Server

Tags

linux, Mail Server, mailqueue, MTA, MUA, postfix, Tutorial

Some Terminology

Part	What it Does	Example
Mail User Agent (MUA)	The MUA is the program which the user uses to read and send e-mail. It reads incoming messages that have been delivered to the user’s mailbox, and passes outgoing messages to an MTA for sending.	elm, pine, mutt
Mail Transfer Agent (MTA)	The MTA basicly acts as a “mail router”. It accepts a message passed to it by either an MUA or another MTA, decides based upon the message header which delivery method it should use, and then passes the message to the appropriate MDA for that delivery method.	sendmail, postfix, qmail
Mail Delivery Agent (MDA)	The MDA accepts a piece of mail from an MTA and performs the actual delivery.	mail.local, procmail

Structure of an Email Message

Email messages are compose of two parts:

1. Headers (lines of the form “field: value” which contain information about the message, such as “To:”, “From:”, “Date:”, and “Message-ID:”)

2. Body (the text of the message)

Example:

From johndoe@students.uiuc.edu Mon Jul 5 23:46:19 1999

Received: (from johndoe@localhost)

by students.uiuc.edu (8.9.3/8.9.3) id LAA05394;

Mon, 5 Jul 1999 23:46:18 -0500

Received: from staff.uiuc.edu (staff.uiuc.edu [128.174.5.59])

by students.uiuc.edu (8.9.3/8.9.3) id XAA24214;

Mon, 5 Jul 1999 23:46:25 -0500

Date: Mon, 5 Jul 1999 23:46:18 -0500

From: John Doe

To: John Smith

Message-Id:

Subject: This is a subject header.

This is the message body. It is seperated from the headers by a blank line.

SMTP and the Message Envelope

Postfix:

Download the postfix from http://www.postfix.org/. You can install both from tar.gz or rpm. Installation of postfix is straight forward. For rpm:

rpm –ivh postfix.version.rpm

For tar :

[root@mail postfix]# tar -zxvf postfix-2.1.5.tar.gz

[root@mail postfix]# rpm -qa | grep postifx

[root@mail postfix]# rpm -qa | grep sendmail

[root@mail postfix]# groupadd postfix

[root@mail postfix]# useradd -g postfix -s /bin/false postfix

[root@mail postfix]# groupadd postdrop

[root@mail postfix]# make

[root@mail postfix]# make install

The configuration files of postfix are in /etc/postfix folder. To make postfix work we mainly need to change two files. These are: main.cf and transport. The main.cf contains all the major configuration parameters. 

The following is a sample postfix main.cf file:

/etc/postfix/main.cf

# Install Time Configuration sendmail_path = /usr/sbin/sendmail newaliases_path = /usr/bin/newaliases mailq_path = /usr/bin/mailq setgid_group = postdrop manpage_directory = /usr/local/man sample_directory = /etc/postfix readme_directory = no html_directory = no queue_directory = /var/spool/postfix daemon_directory = /usr/libexec/postfix command_directory = /usr/sbin mail_owner = postfix myhostname = hostname.domain.com mydomain = domain.com myorigin = $myhostname mydestination= $myhostname, localhost.$mydomain, localhost mynetworks = 10.0.0.0/8, 127.0.0.0/8 smtpd_banner = $myhostname ESMTP header_checks = regexp:/etc/postfix/header_checks smtpd_client_restrictions = hash:/etc/postfix/access smtpd_sender_restrictions = reject_unknown_sender_domain, hash:/etc/postfix/access smtpd_recipient_restrictions = hash:/etc/postfix/access, reject_rbl_client bl.spamcop.net, reject_non_fqdn_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unknown_recipient_domain, permit_mynetworks, reject_unauth_destination, reject_multi_recipient_bounce biff = no smtpd_helo_required = yes maximal_queue_lifetime = 2d queue_run_delay = 3600s ignore_mx_lookup_error = yes smtp_always_send_ehlo = yes default_destination_concurrency_limit = 10 default_destination_recipient_limit = 20 default_process_limit = 150 best_mx_transport = local disable_vrfy_command = yes alias_database = hash:/etc/postfix/aliases mydestination = $myhostname, localhost.$mydomain, hash:/etc/postfix/transport relay_domains = hash:/etc/postfix/transport alias_database = hash:/etc/aliases transport_maps = hash:/etc/postfix/transport message_size_limit = 80000000 mailbox_size_limit = 1000000000

Explanation of the sample postfix main.cf configuration settings:

queue_directory	Postfix’s work directory. Where all the mail will be temporarily stored until it is delivered.
daemon_directory	Specifies the location of all the postfix programs.
command_directory	Specifies the location of all post* commands.
mail_owner	Specifies the user account that will own the mail queues.
myhostname	The name of this computer including the domain part. This is used when adding received by headers in email messages.
mydomain	This specifies the domain of this current computer.
myorigin	This name is added to locally originating email. So if you sent yourself a message from root, it would appear to come from root@mta1.domain.com.
mydestination	This setting tells postfix what domains it is the final destination for. This should be left at the default, and your domain should instead be listed in the transport file.
mynetworks	This setting tells postfix what networks it should consider local. In other words, computers connecting from any of these networks will be able to relay mail, etc. In our case, we put 127.0.0.0 (for localhost) and 10.0.0.0 (for any internal computer).
relay_domains	This setting tells postfix which domains it should relay. In this setting, we specify the transport file (which we’ll create below). This simply lists domains each on separate lines.
biff	This setting tells postfix not to use the biff program to let local users know that they have new email.
message_size_limit	This sets the maximum size of a message. Messages larger than 80 megs will be rejected. You can increase or decrease this based on your own server requirements.
mailbox_size_limit	This sets the maximum size of local mailbox files. We set it to 100 megs, although it should never reach this high because our only local mailboxes are spam and notspam
smtpd_banner	This is the banner that is displayed to connecting computers. It is a good security practice to give as little information as possible. I’ve included just the essentials.
transport_maps	This setting tells postfix where to find the transport information. The transport file is where we tell Postfix where to route certain mail. In our case, this file is where we tell Postfix that mail for domain.com should be delivered to our exchange server.
local_transport	This setting tells postfix that all local mail should be delivered using the local delivery agent.
smtpd_helo_restrictions, smtpd_sender_restrictions, smtpd_recipient_restrictions	These settings are used to deny access to postfix based on the HELO command, the sender, or the recipient. The recipient restrictions settings are used to prevent our mail server from being used as an open. You can get the details from http://www.postfix.org/uce.html
header_checks	The header_checks parameter restricts what is allowed in message headers. Patterns are applied to entire logical message headers, even when a header spans multiple lines of text.

Now change the transport file. The transport file contains the domain which have the relay access. The sample transport look like this:

/etc/postfix/transport

domain.com              local: .domain.com             local:

Run the following command:

Syntex	Comment
cp /etc/postfix/aliases /etc/	#copy the aliases file to /etc
postalias /etc/postfix/aliases	#create the aliases.db file
postalias /etc/ aliases	#create the aliases.db file
postmap /etc/postfix/transport	#create the transport.db file

You can now start postfix using the postfix start command. Please check from netstat –nat output that port 25 is opne. You should test to make sure that you can connect to the SMTP interfaces on port 25. To do this use the command:

telnet localhost 25

The server should respond with:

Trying 127.0.0.1…

Connected to localhost.

Escape character is ‘^]’.

220 mta1.domain.com ESMTP

press ctrl-], then type ‘quit’ to quit

For further troubleshoot please check the maillog from /var/log/maillog.

Sample /etc/postfix/access file:

zakat.guide@gmail.com 550 Sorry, You are BLOCKED

xxx@123.net         550 Sorry, You are BLOCKED on Our Network

83.156.130.100        550 Sorry, You are BLOCKED on Our

221.29.132.160        550 Sorry, You are

Sample /etc/postfix/header_checks file:

/^From: khatun@123.net.ae/       REJECT Your PC is Virus Infected, Clean it first.

/^Subject: No More Guessing/          REJECT I can’t except mail from you!!.

/^Subject: 5 Minute Auto Loan/        REJECT I can’t except mail from you!!.

/^Subject: YOU JUST WONT A FREE GREENCARD!/ REJECT I can’t except mail from you!!.

/^Subject: You Have A Tiffany Bracelet Waiting For You/ REJECT I can’t except mail from you!!.

Sample /etc/postfix/body_checks file:

/Your Place Can Be Improved/          REJECT You are BLOCKED on Our Network. 

/Your Private Or Company Account/     REJECT You are BLOCKED on Our Network. 

/Your Secure Investment/              REJECT You are BLOCKED on Our Network. 

/Your Spouce Cheating Online/         REJECT You are BLOCKED on Our Network. 

/Yourthings.com.br/                   REJECT You are BLOCKED on Our Network. 

/Young Hot Bitches/                   REJECT You are BLOCKED on Our Network. 

/Young Teen Bitches/                  REJECT You are BLOCKED on Our Network. 

Blind Carbon Copy Maps

# vi /etc/postfix/main.cf

# always_bcc = root → copy all the incoming & outgoing mail to the user root

# sender_bcc_maps = hash:/etc/postfix/sender_bcc → this is one to one carbon copy. In the file we define which users mail are copied.

# vi /etc/postfix/sender_bcc → user (sender to match) root(BCC receipent) [mail send by user  is BCC to root]

# postmap /etc/postfix/sender_bcc

SMTP Authentication

You have to go through the following steps:

1. install Cyrus-SASL
2. configure Cyrus-SASL

3. configure Postfix source-code with Cyrus-SASL support
4. build Postfix

5. (re)install Postfix
6. configure Postfix to use the SASL SMTP features 

Cyrus-SASL

SASL comes with default linux installation which is ok for us. Or we can install it from cyrus-sasl packages. We need the cyrus-sasl and cyrus-sasl-devel program along with one or more authentication mechanism. If it is install or not we can check it from rpm -q cyrus-sasl.

The initial script is located in /etc/init.d/saslauthd

Reinstall Postfix

Need to recompile the postfix to support SMTP Authentication

# rpm -qa|grep cyrus → need to support authentication

# cd /root/postfix-2.1.5

# make tidy → clean up the installation

# make makefiles CCARGS=”-DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I/usr/include/sasl” AUXLIBS=”-L/usr/lib -lsasl2”

# make install

# postconf | grep smtpd_sasl

# postconf | grep smtpd_recipient_restriction

# postconf -a

# vi /etc/postfix/main.cf

# smtpd_sasl_auth_enable = yes

# smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination

# cd /usr/lib/sasl2

# vi smtpd.conf → pwcheck_method: saslauthd

                                                mech_list: plain login

#ln -s /usr/lib/sasl2 /usr/local/lib/sasl2

# saslpasswd2 username

Check for SMTP AUTH support

telnet localhost 25

S: 220 mail.example.com ESMTP Postfix

C: EHLO example.com

S: 250-mail.example.com

S: 250-PIPELINING

S: 250-SIZE 10240000

S: 250-VRFY

S: 250-ETRN

S: 250-AUTH PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI

S: 250-AUTH=PLAIN LOGIN DIGEST-MD5 CRAM-MD5 GSSAPI

S: 250-XVERP

S: 250 8BITMIME

C: quit

S: 221 Bye

Delete Postfix Queue based on domain name or email pattern

Tags

delete mail, domain, mail queue, My Work, postfix

I found this particluar perl file very effective. This scripts give me the option to delete mail from the queue based on domain name or email id pattern. I have found this script in www.cyberciti.biz

$1>$1>

$1>

#!/usr/bin/perl

$REGEXP = shift || die "no email-adress given (regexp-style, e.g. bl.*@yahoo.com)!";

@data = qx/sbin/postqueue -p>;
for (@data) {
if (/^(w+)(*|!)?s/) {
$queue_id = $1;
}
if($queue_id) {
if (/$REGEXP/i) {
$Q{$queue_id} = 1;
$queue_id = "";
}
}
}

#open(POSTSUPER,"|cat") || die "couldn't open postsuper" ;
open(POSTSUPER,"|postsuper -d -") || die "couldn't open postsuper" ;

foreach (keys %Q) {
print POSTSUPER "$_n";
};
close(POSTSUPER);

Save this scripts and change the chmod to 755 (make the scripts executable). Now you can run the following command

./script.pl domain.com which will delete the domain.com mail from the mailq.
./script.pl xyz which will delete all queued messages that contain the word "xyz" in the e-mail address.

$1>